<?php

/**
 * 验证用户身份拦截
 * @author: wjp 2017-05-16
 *
 */
class PhalApi_Filter_SessionSign implements PhalApi_Filter
{
    public function check()
    {




//        if(in_array($classAction['0'],['WeOpen'])){
//            if(isset($allParams['accessToken'])){
//                $userId = DI() -> redis -> getInfo($allParams['accessToken']);
//                if(empty($userId)){
//                    $userToken = $tokenModel -> seletcUserId($allParams['accessToken']);
//                    if($userToken == null || $userToken['userId'] == null)
//                        return null;
//                    $userId = $userToken['userId'];
//                }
//                $userModel = new Model_WeUser();
//                $loginUser = $userModel -> getUserId($userId);
//                if($loginUser['status'] != 1)
//                    throw new PhalApi_Exception_BadRequest(T('用户已冻结'), 10);
//
//                DI() -> user = $loginUser;
//            }
//            return null;
//        }
//
//        // 后台接口
//        if( strstr($classAction[0], 'Back')){
//            if(!isset($allParams['backToken']) || $allParams['backToken'] == null)
//                return null;
////            throw new PhalApi_Exception_BadRequest(T('用户未登录'), 6);
//            $userId = DI() -> redis -> getInfo($allParams['backToken']);
//            if(empty($userId)){
//                $userToken = $tokenModel -> seletcUserId($allParams['backToken']);
//                if($userToken == null)
//                    throw new PhalApi_Exception_BadRequest(T('用户未登录'), 6);
//            }
//            //查后台管理用户信息
//            return null;
//        }
//
//
//        // app接口的
//        $userId = DI() -> redis -> getInfo($allParams['accessToken']);
//        if(empty($userId)){
//            $userToken = $tokenModel -> seletcUserId($allParams['accessToken']);
//            if($userToken == null || $userToken['userId'] == null)
//                throw new PhalApi_Exception_BadRequest(T('用户未登录'), 6);
//            $userId = $userToken['userId'];
//        }
//
//        $userModel = new Model_WeUser();
//        $loginUser = $userModel -> getUserId($userId);
//        if($loginUser['status'] != 1)
//            throw new PhalApi_Exception_BadRequest(T('用户已冻结'), 10);
        $allParams = DI()->request->getAll();
        if(isset($allParams['accesstoken']) != null){
            $tokenModel = new Model_UserToken();
            $userToken = $tokenModel -> seletcUserId($allParams['accesstoken']);
            if($userToken == null || $userToken['userId'] == null)
                return null;
            $userId = $userToken['userId'];
            $userModel = new Model_WeUser();
            $loginUser = $userModel -> getUserId($userId);
            DI() -> user = $loginUser;
        }

        if(!isset($allParams['service']))
            return null;
        $classAction = explode(".",$allParams['service']);
        if(strpos($classAction['0'],'Back') !==false && $loginUser['level']<=1)
            throw new PhalApi_Exception_BadRequest(T('权限不足'), 10);
    }

    private function getallheaders(){
        $headers = [];
        foreach($_SERVER as $name => $value){
            if (substr($name, 0, 5) == 'HTTP_') {
                $headers[str_replace(' ', '-', ucwords(strtolower(str_replace('_', ' ', substr($name, 5)))))] = $value;
            }
        }
        return $headers;
    }
}
